Security

Reply
Occasional Contributor I

8021x Machine authentication

Hi everyone I have a problem with client authentication. I want to allow domain clients to authenticate to the internal vlan on the 10.1.150 network. If the client is not a domain member then it should be placed onto the guest network 192.168.1. I have enabled Enforce Machine Authentication and set the Default machine role to authenticated and the Default User Role to 802.1xUser (guest role). My problem is that some non-domain member clients are being given the internal vlan on the 10.1.150 network even though they have been placed into the 802.1xUser role. I have attached an image, the circles in red indicate wrong subnet green is correct. Any ideas? 7210 Controller OS version 6.3.1.6 Thanks

Frequent Contributor I

Re: 8021x Machine authentication

The Auth Type would suggest that particular user is getting the 802.1X Authentication Default Role from the AAA profile and not the default user role under Machine Authentication. Are there differences in the device type?

Any amount of Kudos will be greatly appreciated!!!
Aruba Employee

Re: 8021x Machine authentication

Hi Greg, 

 

so i belive you are usign RBV (role based VLAN). in 6.3.1.6, we have found a bug with RVB and it is fixed in 6.3.1.7. 

Vinod Kumaar AVM ACMX, ACDX
Principal Network Engineer
Customer Advocacy | Aruba Networks Inc.

Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the bottom right hand corner of the post.
Occasional Contributor I

Re: 8021x Machine authentication

Hi Vinod

 

Thanks, I will do an upgrade.

 

Regards

 

Greg

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: